Hackers use a variety of strategies for attacking computing devices, including mobile devices. Many strategies involve attempts to identify the memory layout of an application, so that known vulnerabilities in system services can be exploited once the attacker knows where those services are located in memory. Such attacks may take the form of “control hijack attacks”, such as return-oriented programming (ROP), that target system services. The goal of ROP attacks is privilege escalation and the follow-up benefits. Such attacks often employ brute-force tactics in which an attacker exhaustively explores the process address space to find vulnerable or gadget code/data locations. Brute-force tactics can cause the system service that is the victim of the attack to crash. Another form of attack takes advantage of information leakage. Such techniques exploit format string vulnerabilities to gain certain information (e.g., return addresses and thereby some library function locations). Information leaked from one vulnerable process can compromise another process, particularly processes using dynamic shared libraries. Attacks can combine techniques to more effectively discover exploitable vulnerabilities of the address space used by one or more processes.
Address Space Layout Randomization (ASLR) is a well-known technique for protecting applications against attacks by storing different sections of a program in randomly chosen locations in memory at run time and using an address space map to enable program execution. ASLR provides protections against hacking not afforded by conventional application mapping, in which program sections are loaded at specific fixed (e.g., contiguous) locations. ASLR makes it difficult for an attacker to find different code locations in the address space of an actively running process. However, ASLR can still be attacked. Even when application code is randomized using ASLR, the information gathered by the attacker in a brute-force attack can be used upon re-initialization of the victim system service, because the same address space can be reused.
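An added example (not part of the original text) of that last point, assuming a hypothetical supervisor that restarts its worker with fork() and no exec(): every replacement worker inherits the parent's mappings, so the code, library, heap and stack addresses it reports are the ones the previous worker had. All names in the block are illustrative.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* One address from each region an attacker would try to locate. */
struct layout { uintptr_t code, libc, heap, stack; };

static void marker(void) {}

static struct layout snapshot(const void *heap_obj, const void *stack_obj) {
    struct layout l = { (uintptr_t)&marker, (uintptr_t)&getpid,
                        (uintptr_t)heap_obj, (uintptr_t)stack_obj };
    return l;
}

/* Hypothetical supervisor (an assumption, not from the page): respawns a worker
 * `restarts` times with fork() and no exec(), and returns how many of those
 * workers report exactly the parent's layout. */
int workers_sharing_layout(int restarts) {
    int stack_obj = 0, same = 0;
    void *heap_obj = malloc(64);          /* allocated before any worker exists */
    struct layout parent = snapshot(heap_obj, &stack_obj);

    for (int i = 0; i < restarts; i++) {
        int fds[2];
        struct layout child = {0, 0, 0, 0};
        if (pipe(fds) != 0) break;
        pid_t pid = fork();
        if (pid < 0) { close(fds[0]); close(fds[1]); break; }
        if (pid == 0) {                   /* worker: measures its own address space */
            child = snapshot(heap_obj, &stack_obj);
            ssize_t w = write(fds[1], &child, sizeof child);
            _exit(w == (ssize_t)sizeof child ? 0 : 1);
        }
        close(fds[1]);
        ssize_t r = read(fds[0], &child, sizeof child);
        close(fds[0]);
        waitpid(pid, NULL, 0);            /* worker is gone; the next loop "restarts" it */
        if (r == (ssize_t)sizeof child && child.code == parent.code &&
            child.libc == parent.libc && child.heap == parent.heap &&
            child.stack == parent.stack)
            same++;
    }
    free(heap_obj);
    return same;
}

int main(void) {
    printf("%d of 5 restarted workers share the parent's layout\n",
           workers_sharing_layout(5));
    return 0;
}
```

Starting the replacement worker through exec() gives the kernel the chance to choose a new layout, which the forked workers here never get.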